Eyes, I Mean Sensors On the Road – Understanding and Safeguarding IoT in Cars

I recently started learning to drive. The first class left me panicked and overwhelmed. The Herculean task of turning, as well as having to remember that the car took up more space than just my seat, left me never wanting to drive again. Subsequent classes were less scary, but I still found myself wistfully thinking, “Why couldn’t my car just drive itself?” After all, the Internet of Things (IoT) is growing, with all kinds of fancy new ‘smart’ devices connecting to it. There would surely be some technology to automate cars.  

This piqued my curiosity. On what basis would a self-driving car make decisions? How would these cars communicate with each other? How can we protect these cars from attackers? The intent of this article is to gain a basic understanding of these concepts.  

What are self-driving cars? 

A self-driving car, as the name suggests, would need little to no human intervention. The car would manage actions like steering, accelerating, braking, turning and changing lanes. Meanwhile, the driver could relax and maybe even catch up on their favorite show! That is, if they are not prone to carsickness. 

Cars could be classified based on their level of automation. Level 0 would have no automation and a human driver would need to take complete control. Level 5 is where the ideal self-driving car would be. Human intervention would be unnecessary, and perhaps even impossible, because these cars would not have steering wheels or other manual controls! The levels in between would feature automation for limited functions, Adaptive Driver Assistance Systems (ADAS), or complete automation within a geo-fenced area. 

The following sections will get more technical and perhaps a bit harder to read, however, the concepts they outline are rather fascinating, so please do read on! I won’t take long, I promise. 

What are the uses of the Internet of Things in self-driving cars?

How can the Internet of Things be used to make cars ‘smart’ enough to drive themselves? These are some important aspects:

1. Self-driving cars are equipped with sensors that collect data from the surroundings to create a picture of the environment. Sensors are a crucial part of IoT devices.
2. The sensor data is sent to the cloud, where AI or machine learning algorithms process and analyze it to improve performance, decision making and route optimization.
3. In case of an emergency, a self-driving car can contact emergency services and provide information about the location of the car and the severity of the accident.
4. Users can access infotainment systems in the car through Bluetooth. These would include voice assistants and streaming content.
5. Users can see car statistics on a smartphone app and could even perform functions like summoning the car at the press of a button.

What are the types of sensors used in self-driving cars?

Sensors in self-driving cars are like the eyes of a human driver. They record what is happening around them, based on which the car can make decisions. Sensors can be exteroceptive or proprioceptive.

Exteroceptive sensors monitor factors outside the car. These include cameras, radar, LiDAR, and ultrasonic sensors:

1. Cameras capture video stream. A self-driving car would have at least 15 to 20 cameras, located on all sides of the car.

2.In radar, electromagnetic waves are bounced off an object and the time taken for them to return is used to calculate the distance of the object from the car. Relative velocity of the object with respect to the car can be found using the Doppler shift. Electromagnetic waves of long wavelengths, specifically microwaves and radio waves, are used in radar as they can penetrate through the atmosphere even in bad weather.

3. LiDAR is used to create extremely detailed images of obstacles, with more precision and accuracy than 20/20 vision. Short periodic laser pulses of infrared rays are created using wave interference. Each pulse gives the 3D coordinates or location of a specific part of the obstacle. Thousands and maybe even millions of these pulses would together create a detailed 3D image of the obstacle with accurate depth and shape. Each individual pulse works similarly to radar.

4. Ultrasonic works like radar but uses sound waves instead of electromagnetic waves.

Proprioceptive sensors capture data about the car’s internal statistics such as force, torque, wheel load and battery voltage.

Each sensor can focus on only a part of the environment. For example, a camera on a certain part of the car would be able to ‘see’ only through a limited angle. Through sensor fusion, data from individual sensors would be collected to form a big and detailed picture of the car’s environment.

What are the other components of autonomous cars?

Satellite Communications (SATCOM) is used to map the location of the car and plan a route. Sensor and mapping data is used by decision making algorithms to generate commands. These commands are executed by actuators, which handle the car’s movements like steering, braking, accelerating, or changing lanes. Monitoring and feedback systems make sure that the car is in good condition. With over-the-air updates, cars can get software updates or debugging done anytime without visiting a service center.

How do self-driving cars communicate with each other?

By communicating with each other, self-driving cars can get information about road conditions ahead of time, which helps make traffic management smoother. There are many kinds of communication between vehicles and their surroundings. These are some of them:

V2V (Vehicle to Vehicle): In V2V communications, vehicles send each other basic safety messages (BSMs) one to ten times per second. With BSMs, one car can tell another car its 3D and geographic location, speed, acceleration, steering wheel angle, and more. Cars also receive alerts about traffic, dangerous road conditions and weather conditions within a 300-metre range.

V2I (Vehicle to Infrastructure): Vehicles communicate with the infrastructure, which includes streetlights, parking meters, traffic lights and sign boards. These provide alerts about weather and the traffic status.

V2X (Vehicle to Everything): This encompasses V2I and V2V. Other forms of communication include V2C (Vehicle to Cloud) and V2P (Vehicle to Person). V2V and V2I happen via DSRC.

Cars which can communicate in the above ways are called connected vehicles, irrespective of whether they are self-driving or not.

What is DSRC?

DSRC or Dedicated Short Range Communications is an RF (Radio Frequency) protocol used for V2V and V2I communications. In DSRC, data is sent as packets with header information for routing and error correction.

DSRC operates in the 5.9 GHz band specially reserved for ITS (Intelligent Transportation System). It has a bandwidth of 75 MHz, ranging from 5.850 GHz to 5.925 GHz. DSRC is divided into seven channels, one for control and six for communication. It is based on the IEEE 802.11p standard.

DSRC communicates via broadcasting and VANETs (Vehicular Ad-Hoc Networks), where vehicles form temporary networks to relay information beyond the line of sight.

Modulation techniques like BPSK¹ (Binary Phase Shift Keying) and QPSK² (Quadrature Phase Shift Keying) are used to encode information onto waves. The radio communication methods are DSSS³ (Direct Sequence Spread Spectrum) and FHSS⁴ (Frequency Hopping Spread Spectrum). A collision avoidance mechanism CSMA/CA⁵ (Carrier Sense Multiple Access with Collision Avoidance) is in place.

For privacy and to avoid trackers, AES⁶ (Advanced Encryption Standard) and pseudonym identifiers are used in communication.

What are the advantages of self-driving cars?

If self-driving cars became the norm, they would completely revolutionize commuting in the following ways:

1. Accidents caused by human error would be eliminated, which are currently the majority of accidents.
2. Non-drivers, the elderly, and the differently abled would be able to commute independently.
3. The constant data analysis which comes with self-driving cars would mean constant optimization of traffic management, decreasing road congestion. This would reduce the time spent in transit significantly.
4. This also means less fuel usage and hence lower levels of emissions, which is a step towards sustainability.
5.  There would no longer be worries about finding a parking spot as the car can do that independently once it drops its passengers off.  
6. Travelling by road would become extremely comfortable and convenient, as it would require minimal effort on the part of the car user.

What are the risks or potential drawbacks of self-driving cars?

1. The more technologies autonomous cars are integrated with, the more attack surface there is. For example, if self-driving cars are integrated with Alexa, if a hacker compromises Alexa, they could take control of the car. Eventually, traffic management may move to the cloud, which would serve as a new integration point and hence a new attack point. Several lines of complex code could also increase the likelihood of errors.

2. While a traditional car can only be hijacked physically, self-driving cars can be remotely hijacked through unauthorized access gained by hackers to their computer systems. Hackers may be interested in finding weaknesses in the code. Through unverified APIs, they can perform small actions like lowering windows. Criminals can place ransomware on automated cars. Governments could use self-driving cars to launch coordinated attacks. Communications between cars can be intercepted and used to track the vehicles.

3. Not everyone may immediately warm up to using them, which gives rise to the question of how they will integrate on roads with traditional cars driven by humans.

4. Our infrastructure is not designed for self-driving cars at present, which may lead to accidents.

5. People who work as drivers would lose their jobs.

While these drawbacks are many in number, security controls can be put in place to reduce the likelihood of threats caused by attackers. In the next section, we will look at one particular aspect of security, which is securing communications between connected vehicles.

How to ensure secure communications between autonomous vehicles or connected vehicles?

For secure communications between autonomous vehicles, the SCMS or Security Credential Management System exists. A vehicle with connected vehicle capabilities can join the V2X network by requesting registration from the SCMS. The SCMS grants an enrolment certificate, which authorizes the vehicle to use the network. To send a message, the onboarding equipment (OBE) of an autonomous car must receive an identification certificate from the SCMS, which is like a digital signature that can be attached to the message. This is encrypted into a pseudonym certificate to protect the sender’s identity from trackers. Before the receiver opens the message, the digital signature is checked against a list of previously banned signatures to ensure that it is still valid. Finally, the message reaches the receiver.

Bottom line:

While there are many potential hazards associated with self-driving cars, the advantages outweigh the risks. Earlier, marketability was more important than security for vendors. However, now, security measures are being prioritized, which allays some risks.

While fully autonomous cars are not available yet, cars at several levels of automation are being tested. When Level 5 autonomous cars arrive in the market, I will surely be jumping onto that bandwagon. Sensors that can see better than I can, less time wasted in traffic jams, not having to worry about causing damage through my ineptitude, what’s not to like? I would love nothing more than to type in a destination, and sit back while my car does the rest.

Note: This is the first part of a two-part blog. The second part is about threat modelling and can be viewed here.

Glossary:

1. BPSK – Binary Phase Shift Keying is a modulation technique where the phase of a carrier signal is shifted by 0 degrees to transmit binary 1 and 180 degrees to transmit binary zero.
2. QPSK – Quadrature Phase Shift Keying is a modulation technique where two bits are transmitted at once. Two bits could mean 00, 01, 10 and 11. There are four phase shifts, which would each need to be 90 degrees apart, each corresponding to one pair of bits. This could be 0?, 90?, 180? and 270?, or 45?, 135?, 225?, and 315?.
3. DSSS – Direct Sequence Spread Spectrum is a modulation technique where the signal is transmitted over a wider bandwidth than necessary for basic transmission. This helps avoid interference and wideband interception.
4. FHSS – Frequency Hopping Spread Spectrum is a modulation technique where the carrier frequency of the signal rapidly changes or hops in a complex hopping pattern known only to the sender and receiver. This helps avoid interception or jamming unless the hopping pattern is known.
5. CSMA/CA – Carrier Sense Multiple Access with Collision Avoidance is helpful when several devices share a communication channel. Devices listen to check if the channel is already being used by another device before transmitting their own message. If the channel is in use, they will wait for a random period before transmission to avoid collision of messages.
6. AES – Advanced Encryption Standard is a strong encryption method. For one round of encryption, there are four steps: substitution, shifting rows, mixing columns, and adding a round key. For a 128-bit input, there would be 10 such rounds of encryption.

References:

1. ‘Securing IoT: From Security to Practical Pentesting on IoT’ Udemy Course by Brian Russell and Sunil Gupta (Packt Publishers)
2. https://autocrypt.io/security-credential-management-system/